From: Richard Palethorpe <rpalethorpe@suse.de>
To: Martin Doucha <mdoucha@suse.cz>
Cc: ltp@lists.linux.it
Subject: Re: [LTP] [PATCH] Add test for CVE 2022-4378
Date: Mon, 19 Dec 2022 09:30:00 +0000 [thread overview]
Message-ID: <87r0wvu42q.fsf@suse.de> (raw)
In-Reply-To: <20221216170922.21752-1-mdoucha@suse.cz>
Hello,
Martin Doucha <mdoucha@suse.cz> writes:
> Signed-off-by: Martin Doucha <mdoucha@suse.cz>
> ---
> runtest/cve | 1 +
> testcases/cve/.gitignore | 1 +
> testcases/cve/cve-2022-4378.c | 108 ++++++++++++++++++++++++++++++++++
> 3 files changed, 110 insertions(+)
> create mode 100644 testcases/cve/cve-2022-4378.c
>
> diff --git a/runtest/cve b/runtest/cve
> index fd0305aa3..1ba63c2a7 100644
> --- a/runtest/cve
> +++ b/runtest/cve
> @@ -76,3 +76,4 @@ cve-2022-0847 dirtypipe
> cve-2022-2590 dirtyc0w_shmem
> # Tests below may cause kernel memory leak
> cve-2020-25704 perf_event_open03
> +cve-2022-4378 cve-2022-4378
> diff --git a/testcases/cve/.gitignore b/testcases/cve/.gitignore
> index eb0a8b37d..90e8b191c 100644
> --- a/testcases/cve/.gitignore
> +++ b/testcases/cve/.gitignore
> @@ -10,4 +10,5 @@ stack_clash
> cve-2017-17052
> cve-2017-16939
> cve-2017-17053
> +cve-2022-4378
> icmp_rate_limit01
> diff --git a/testcases/cve/cve-2022-4378.c b/testcases/cve/cve-2022-4378.c
> new file mode 100644
> index 000000000..e1c5df325
> --- /dev/null
> +++ b/testcases/cve/cve-2022-4378.c
> @@ -0,0 +1,108 @@
> +// SPDX-License-Identifier: GPL-2.0-or-later
> +/*
> + * Copyright (C) 2022 SUSE LLC <mdoucha@suse.cz>
> + */
> +
> +/*\
> + * CVE 2022-4378
> + *
> + * Check that writing several pages worth of whitespace into /proc/sys files
> + * does not cause kernel stack overflow. Kernel bug fixed in:
> + *
> + * commit bce9332220bd677d83b19d21502776ad555a0e73
> + * Author: Linus Torvalds <torvalds@linux-foundation.org>
> + * Date: Mon Dec 5 12:09:06 2022 -0800
> + *
> + * proc: proc_skip_spaces() shouldn't think it is working on C strings
> + */
Haha, OK, merged with minor fix to null terminate tags array (detected
by make check).
--
Thank you,
Richard.
--
Mailing list info: https://lists.linux.it/listinfo/ltp
next prev parent reply other threads:[~2022-12-19 9:37 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-16 17:09 [LTP] [PATCH] Add test for CVE 2022-4378 Martin Doucha
2022-12-19 9:30 ` Richard Palethorpe [this message]
2022-12-19 10:07 ` pvorel
2022-12-19 10:12 ` pvorel
2022-12-19 14:31 ` Richard Palethorpe
2022-12-19 23:58 ` Petr Vorel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87r0wvu42q.fsf@suse.de \
--to=rpalethorpe@suse.de \
--cc=ltp@lists.linux.it \
--cc=mdoucha@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox